Searching GIT Logs for Sensitive Data


If you’re concerned or curious about a certain value being changed in your GIT repository, the GIT logs are a great place to start. Using the git log command allows you to search for values in individual commits and returns all of the commits with an instance of that value.

For example, let’s say I have a value, “password”, that should not be checked into my GIT repository. If I wanted to check my commit history I could use a command like:

git log -S <string to search for>


git log -S password

Other available options include:

  • --all : Searches all branches and tags
  • --branches[=<patter>]: Searches branches that match the regex pattern
  • --tags[=<patter>]: Searches tags that match the regex pattern